/** * Verify if the user is allowed to make DB notification related calls. * Only the superusers defined in the Hadoop proxy user settings have the permission. * * @param user the short user name * @param conf that contains the proxy user settings * @return if the user has the permission */ public static boolean checkUserHasHostProxyPrivileges(String user, Configuration conf, String ipAddress) { DefaultImpersonationProvider sip = ProxyUsers.getDefaultImpersonationProvider(); // Just need to initialize the ProxyUsers for the first time, given that the conf will not change on the fly if (sip == null) { ProxyUsers.refreshSuperUserGroupsConfiguration(conf); sip = ProxyUsers.getDefaultImpersonationProvider(); } Map<String, Collection<String>> proxyHosts = sip.getProxyHosts(); Collection<String> hostEntries = proxyHosts.get(sip.getProxySuperuserIpConfKey(user)); MachineList machineList = new MachineList(hostEntries); ipAddress = (ipAddress == null) ? StringUtils.EMPTY : ipAddress; return machineList.includes(ipAddress); }
/** * Verify if the user is allowed to make DB notification related calls. * Only the superusers defined in the Hadoop proxy user settings have the permission. * * @param user the short user name * @param conf that contains the proxy user settings * @return if the user has the permission */ public static boolean checkUserHasHostProxyPrivileges(String user, Configuration conf, String ipAddress) { DefaultImpersonationProvider sip = ProxyUsers.getDefaultImpersonationProvider(); // Just need to initialize the ProxyUsers for the first time, given that the conf will not change on the fly if (sip == null) { ProxyUsers.refreshSuperUserGroupsConfiguration(conf); sip = ProxyUsers.getDefaultImpersonationProvider(); } Map<String, Collection<String>> proxyHosts = sip.getProxyHosts(); Collection<String> hostEntries = proxyHosts.get(sip.getProxySuperuserIpConfKey(user)); MachineList machineList = new MachineList(hostEntries); ipAddress = (ipAddress == null) ? StringUtils.EMPTY : ipAddress; return machineList.includes(ipAddress); }
@Test public void testWithDuplicateProxyHosts() throws Exception { Configuration conf = new Configuration(); conf.set( DefaultImpersonationProvider.getTestProvider() .getProxySuperuserGroupConfKey(REAL_USER_NAME), StringUtils.join(",", Arrays.asList(GROUP_NAMES))); conf.set( DefaultImpersonationProvider.getTestProvider(). getProxySuperuserIpConfKey(REAL_USER_NAME), StringUtils.join(",", Arrays.asList(PROXY_IP,PROXY_IP))); ProxyUsers.refreshSuperUserGroupsConfiguration(conf); Collection<String> hosts = ProxyUsers.getDefaultImpersonationProvider().getProxyHosts().get( DefaultImpersonationProvider.getTestProvider(). getProxySuperuserIpConfKey(REAL_USER_NAME)); assertEquals (1,hosts.size()); }
@Test public void testWithDuplicateProxyHosts() throws Exception { Configuration conf = new Configuration(); conf.set( DefaultImpersonationProvider.getTestProvider() .getProxySuperuserGroupConfKey(REAL_USER_NAME), StringUtils.join(",", Arrays.asList(GROUP_NAMES))); conf.set( DefaultImpersonationProvider.getTestProvider(). getProxySuperuserIpConfKey(REAL_USER_NAME), StringUtils.join(",", Arrays.asList(PROXY_IP,PROXY_IP))); ProxyUsers.refreshSuperUserGroupsConfiguration(conf); Collection<String> hosts = ProxyUsers.getDefaultImpersonationProvider().getProxyHosts().get( DefaultImpersonationProvider.getTestProvider(). getProxySuperuserIpConfKey(REAL_USER_NAME)); assertEquals (1,hosts.size()); }
.get("hadoop.proxyuser.test.groups").contains("test_groups")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts")); .get("hadoop.proxyuser.test.groups").contains("test_groups_1")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts_1"));
.get("hadoop.proxyuser.test.groups").contains("test_groups")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts")); .get("hadoop.proxyuser.test.groups").contains("test_groups_1")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts_1"));
.get("hadoop.proxyuser.test.groups").contains("test_groups")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts"));
.get("hadoop.proxyuser.test.groups").contains("test_groups")); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").size() == 1); Assert.assertTrue(ProxyUsers.getDefaultImpersonationProvider().getProxyHosts() .get("hadoop.proxyuser.test.hosts").contains("test_hosts"));